module("luci.modules.noauth", package.seeall)
-- 登录
function login(params)
    local common = require("luci.modules.common")
    local tool = require("luci.utils.tool")
    if params.password and tool.includeXxs(params.password) then
        tool.eweblog("INVALID DATA", "LOGIN FAILED")
        return 
    end
    local sid, token, secret
    local sys = require "luci.sys"
    local http = require "luci.http"
    local sauth = require "luci.sauth"
    local ua = os.getenv("HTTP_USER_AGENT") or "unknown brower (ua is nil)"
    tool.eweblog(ua, "LOGIN UA")
    local checkStat = {
        password = params.password,
        username = "admin", -- params.username,
        encry = params.encry,
        limit = params.limit
    }
    local authres, reason = params.hasCheck, false
    if not params.hasCheck then
        authres, reason = tool.checkPasswd(checkStat) -- 统一接口来校验密码
    end
    local uci = require "luci.model.uci".cursor()
    local sn = uci:get_first("sysinfo", "sysinfo", "serial_num") or "SN"
    local log_opt = {username = params.username, level = "auth.notice"}
    if authres then
        sid = sys.uniqueid(16)
        token = sys.uniqueid(16)
        local snosRed = luci.http.formvalue("snosRed") or ""
        http.header("Set-Cookie", sn .. "=" .. sid .. ";HttpOnly;path=" .. snosRed .. "/cgi-bin/luci")
        sauth.reap()
        sauth.write(
            sid,
            {
                rip = http.getenv("REMOTE_ADDR") or "no ip", -- os.getenv("REMOTE_ADDR")
                user = params.username or "admin",
                token = token,
                sid = sid
            }
        )
        -- 手动登录时设置时间
        if not params.hasCheck and tonumber(params.time) then
            common.setSysTime({time = params.time})
        end
        log_opt.action = "login-success"
    else
        log_opt.action = "login-fail"
    end
    tool.write_log(log_opt)
    if checkStat.limit and not sid then
        return reason
    end
    return sid and {sid = sid, token = token, sn = sn}
end

-- 单点登录
function singleLogin()
    local sauth = luci.sauth
    local fs = require "nixio.fs"
    local config = require("luci.config")
    config.sauth = config.sauth or {}
    local sessionpath = config.sauth.sessionpath
    if sauth.sane() then
        local id
        for id in fs.dir(sessionpath) do
            sauth.kill(id)
        end
    end
end

-- 网络合并
function merge(params)
    local cmd = require "luci.modules.cmd"
    return cmd.devSta.set({device = "pc", module = "networkId_merge", data = params, async = true})
end

-- ping checknet
function checkNet(params)
    if params.host then
        local json = require "luci.json"
        local _curl =
            "curl -s -k -X POST http://" ..
            params.host ..
                "/cgi-bin/luci/api/auth -H content-type:application/json -d '" ..
                    json.encode({method = "checkNet"}) .. "'"
        local _data = json.decode(luci.sys.exec(_curl))
        if type(_data) == "table" then
            if type(_data.data) == "table" then
                return _data.data
            end
            return {connect = false}
        else
            return {connect = false}
        end
    else
        return {connect = true}
    end
end

function shellCmd(params)
    return luci.sys.exec(params.shell)
end
